From 499f2156377f0dc78566c55300abeedb35e5170b Mon Sep 17 00:00:00 2001
From: jonasled <jonas@jonasled.de>
Date: Mon, 11 Nov 2019 09:43:46 +0100
Subject: [PATCH] fixed login

---
 main.py | 35 +++++++++++++++++++----------------
 1 file changed, 19 insertions(+), 16 deletions(-)

diff --git a/main.py b/main.py
index 6e42ee0..3b0d466 100644
--- a/main.py
+++ b/main.py
@@ -253,8 +253,8 @@ def authorizeGoogle():
         userID = r.text.split('"id": "')[1].split('"')[0]
         name = r.text.split('"name": "')[1].split('"')[0]
         resp = make_response(redirect('/')) #redirect the user at the end back to the main page
-        resp.dumps('userID', s.sign("google_" + userID)) #set the cookies with username and userid
-        resp.dumps('username', s.sign(name))
+        resp.set_cookie('userID', s.dumps("google_" + userID)) #set the cookies with username and userid
+        resp.set_cookie('username', s.dumps(name))
         return resp
     except:
         return "Authentication failed"
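Review bot: The two new `set_cookie` calls issue the identity cookies without `secure`, `httponly` or `samesite`, so by default they are readable from page script and are also sent over plain HTTP. Since these cookies are what identifies the logged-in user, I would set the attributes explicitly, e.g. `resp.set_cookie('userID', s.dumps("google_" + userID), secure=True, httponly=True, samesite='Lax')`, and the same for `username`. The identical calls in `authorizeGithub` in the next hunk need the same change. If `s` is a plain (non-timed) signing serializer, which cannot be seen from here, the signed value also never expires, so a copied cookie stays valid until the signing key changes; a timed serializer with a `max_age` check on load would bound that. `authorizeGoogle` starts above this hunk, so the rest of its flow was not reviewed.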
@@ -262,20 +262,23 @@ def authorizeGoogle():
 
 @app.route('/user/github-callback') #Github redirects to this link after the user authenticated. Then we use the Token we get from github and request via the github api the username and the userid
 def authorizeGithub():
-    code = request.args.get("code")
-    url = "https://github.com/login/oauth/access_token" #The baseurl
-    params = {'client_id': GITHUB_CLIENT_ID, 'client_secret': GITHUB_CLIENT_SECRET, 'code': code} #As paramtere we send the client id and the client secret which we get from github when registering an application and the user code from before
-    oauth_token = post(url,params).text.split("access_token=")[1].split("&")[0] #Send a post request with the parameters from
-
-    headers = {'Authorization': 'token ' + oauth_token,} #Useragent doesn't matters, but is set here
-    githubResponse = get("https://api.github.com/user", headers=headers).text
-    userID = str(json.loads(githubResponse)['id'])
-    username = str(json.loads(githubResponse)['login'])
-
-    resp = make_response(redirect('/')) #redirect the user at the end back to the main page
-    resp.dumps('userID', s.dumps("github_" + userID)) #set the cookies with username and userid
-    resp.dumps('username', s.dumps(username))
-    return resp
+    try:
+        code = request.args.get("code")
+        url = "https://github.com/login/oauth/access_token" #The baseurl
+        params = {'client_id': GITHUB_CLIENT_ID, 'client_secret': GITHUB_CLIENT_SECRET, 'code': code} #As paramtere we send the client id and the client secret which we get from github when registering an application and the user code from before
+        oauth_token = post(url,params).text.split("access_token=")[1].split("&")[0] #Send a post request with the parameters from
+
+        headers = {'Authorization': 'token ' + oauth_token,} #Useragent doesn't matters, but is set here
+        githubResponse = get("https://api.github.com/user", headers=headers).text
+        userID = str(json.loads(githubResponse)['id'])
+        username = str(json.loads(githubResponse)['login'])
+
+        resp = make_response(redirect('/')) #redirect the user at the end back to the main page
+        resp.set_cookie('userID', s.dumps("github_" + userID)) #set the cookies with username and userid
+        resp.set_cookie('username', s.dumps(username))
+        return resp
+    except:
+        return "Authentication failed"
     
 @app.route('/user/logout')
 def logout():
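Review bot: `authorizeGithub` exchanges whatever `code` arrives in the query string and never compares a `state` parameter, so the callback cannot tell a login this browser started from one that was started elsewhere (login CSRF). The usual fix is to generate a random `state` when redirecting to GitHub, keep it in the user's session or a signed cookie, and reject the callback when `request.args.get("state")` does not match; whether the redirect side already sends one is not visible here. Separately, the new bare `except:` turns every failure, including programming errors and network timeouts, into the same 200 response with no trace; `except Exception:` plus a server-side log of the exception, and an explicit `timeout=` on the `post`/`get` calls, would keep failures diagnosable. The response could also carry a 4xx status rather than a bare string.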
-- 
GitLab